github-actions: set bpf to icmp for af-packet

author Victor Julien <vjulien@oisf.net>

Wed, 15 May 2024 05:03:05 +0000 (07:03 +0200)

committer Victor Julien <victor@inliniac.net>

Thu, 16 May 2024 05:09:24 +0000 (07:09 +0200)
author Victor Julien <vjulien@oisf.net>
Wed, 15 May 2024 05:03:05 +0000 (07:03 +0200)
committer Victor Julien <victor@inliniac.net>
Thu, 16 May 2024 05:09:24 +0000 (07:09 +0200)
diff --git a/.github/workflows/live/afp-ids.sh b/.github/workflows/live/afp-ids.sh

index 8e27bf9fe8f85623f202e500c6799603289f248c..2af91572bbbd37f866ff7d776a2cf94bbf9ea779 100755 (executable)
--- a/.github/workflows/live/afp-ids.sh
+++ b/.github/workflows/live/afp-ids.sh
@@ -52,7 +52,9 @@ fi
  # Start Suricata, SIGINT after 120 secords. Will close it earlier through
  # the unix socket.
  timeout --kill-after=240 --preserve-status 120 \
-    ./src/suricata -c suricata.yaml -l ./ --af-packet=$IFACE -v --set af-packet.1.tpacket-v3=$V3 --set default-rule-path=. --runmode=$RUNMODE &
+    ./src/suricata -c suricata.yaml -l ./ --af-packet=$IFACE -v \
+        --set af-packet.1.bpf-filter=icmp \
+        --set af-packet.1.tpacket-v3=$V3 --set default-rule-path=. --runmode=$RUNMODE &
  SURIPID=$!
  
  sleep 15
author	Victor Julien <vjulien@oisf.net>
	Wed, 15 May 2024 05:03:05 +0000 (07:03 +0200)
committer	Victor Julien <victor@inliniac.net>
	Thu, 16 May 2024 05:09:24 +0000 (07:09 +0200)